The Greatest Security Challenge is Understanding Security

In the early days of the automobile, cars couldn’t be designed to go faster until advances were made in another area: the brakes. If cars couldn’t stop fast enough, people would get hurt.

In a similar way, the rapid pace of technology development is often constrained by variables that need to catch up — such as security measures. But in this case, it’s not that security technology is not advanced, it’s that the leaders within organizations often haven’t kept up with the advances in cybersecurity. As a result, many enterprises are still highly vulnerable to threats,  despite the wide availability of leading-edge solutions.

After all, in just 15 years, security technology has evolved from securing perimeters with firewalls to adding rules around network packet traffic, to segmenting layers within databases, applications and network servers.

Now, in 2022, cybersecurity capabilities are much more advanced. And yet, many companies aren’t taking full advantage of the opportunities to improve their security posture. In this podcast, ® Rob Jackson Senior Product Manager at Rackspace Technology, joins Jeff DeVerter, Chief Technical Evangelist and Cloud Talk host, to discuss the history of cybersecurity and how it has evolved in lockstep with technology innovations.

Today’s cybersecurity landscape is larger than ever, with thousands of products to choose from. This proliferation in and of itself adds to the security challenge because companies aren’t sure which tools they need. What’s more, company leaders aren’t clear on how to properly staff their security teams.

“I’ve had many conversions with CIOs to try and identify the best combination of security tools, processes and people for their environment,” said Jackson. “For example, in an environment experiencing scripted attacks, there is likely a tool they can deploy. But if they are at risk for cybercriminals launching persistent attacks on their network, that will require cybersecurity experts to manage those threats.”

There’s a lot more most companies could be doing to evaluate and understand their current security landscape and protect their systems, networks, applications and data. Jackson shared some of his top recommendations:

• Find out where the risks lie and how to mitigate them as much as possible
• Give security team members time to poke around and proactively find problems
• Include a cyber-aware businessperson on the team who can weigh the business impact of security measures
• Mitigate risk by enforcing user access and identity security measures, including password policies
• Deploy multifactor or zero trust applications to help deflect more attacks

Some of today’s biggest security challenges stem from the failure to align teams within a company. So many divisions are so intent on accelerating their transformational journeys that they don’t want to slow down to include cybersecurity teams in the conversation.

“The reality is that having rigor around security will help ensure their projects don’t go off the rails due to security breaches,” said Jackson. “We always have conversations around balancing accelerated development and security.”

Today, security should be a shared responsibility, added Jackson. “It takes security experts, web developers, application owners, software developers and security code developers all contributing to the end goal of keeping the enterprise safe,”  he said.

With a 14-year career in security, Jackson said, “Now, more than ever, is an exciting time to be in security because we are starting to see innovation both on a technology and operational front. We are constantly exploring a key question with our clients: What security controls, people and processes do you need in place now?”

Cloud Talk covers topics like multicloud, digital transformation, containers and Kubernetes, IoT, edge computing, data and more. Episodes are short and sweet — around half an hour — and available from Apple Podcasts, Spotify, Stitcher and anywhere else podcasts can be found.